Category Archives: Technology

Artificial Intelligence will NOT take over the World

I recently posted about 4 common AI fallacies or myths regarding artificial intelligence (AI). I wanted to dive a little deeper into some of these myths, and discuss why AI will NOT take over the world.

First of all, it is easy to fear what we don’t really understand, especially when some people push the narrative of computers becoming ‘aware’, which would result in them dominating the human race.

Continue reading

2 Comments

Filed under artificial intelligence (ai), Data Science, Machine Learning, Technology

4 Common AI Fallacies

AI

An article posted on MachineLearningTimes.com discusses 4 common fallacies or myths regarding artificial intelligence (AI). These misconceptions lead to many misunderstandings and fear* regarding AI.

Wikipedia defines AI as “intelligence demonstrated by machines, unlike the natural intelligence displayed by humans and animals, which involves consciousness and emotionality.”

I like Investopedia’s definition better*: “the simulation of human intelligence in machines that are programmed to think like humans and mimic their actions.”

In the post, Melanie Mitchell, Davis Professor of Complexity at the Santa Fe Institute and author of Artificial Intelligence: A Guide For Thinking Humans, lists the 4 most common fallacies that I would summarize as follows:

  1. Narrow intelligence (being really good at one task) leads to general intelligence (being good at many things, the way humans are). In other words, computers will become super-smart and take over the world.
  2. Easy tasks are hard to automate/hard tasks are easy to automate.
  3. AI works like the human mind. This comes from using ‘human-y” terms like learn, understand, read, and think, which leads some to believe AI can achieve humanness.
  4. Intelligence is all in the AI brain. In other words, “the right algorithms and data…can create AI that lives in servers and matches human intelligence.”

Continue reading

5 Comments

Filed under Data Science, Machine Learning, Technology

How to get a Data Science job with little or no experience

data scientistWhen you’re trying to get a data science job, you need experience, but to get experience, you need a job, right? Not always, and this is the case for many jobs, not just data science.

But in data science, you can generate the experience you need yourself.

You might have seen one of my earlier posts, How to get an IT Audit job with little or no experience. Let me say from the beginning that getting an IT audit job with no experience is easier than a data science job with no experience. But according to an article from KDnuggets, it can be done. And like everything else, it takes hard work.

The article defines data science as “an interdisciplinary field that focuses on solving problems and gathering information.” 

Continue reading

Leave a comment

Filed under Audit, Blogging, Data Analytics, Data Science, Employment, Free, How to..., Technology

Another Nail in ACL’s Coffin

Diligent’s acquisition of Galvanize (ACL) is another nail in the ACL analytics coffin.

First, ACL acquired another company and created Galvanize. And we were told governance, risk, and compliance (GRC) would never be the same.

And I told you that ACL analytics would never be the same. In fact, I predicted that this acquisition meant that ACL analytics was dying (when I say ACL analytics, I’m referring to the Windows desktop version that they built the original company on).

For more on this, see ACL Officially Changes Name & Spots  and Is ACL Analytics Dying?

Continue reading

10 Comments

Filed under ACL, Audit, Data Analytics, Scripting (ACL), Technology, Written by Skyyler

Critical Thinking? How about just Thinking?

It seems to me that auditing as a profession is not full of critical thinkers, much less thinkers.

If you read my last post about auditor judgment, I’m struggling with some of the junior auditors that I’m working with.

But I’m also struggling with quite a few of the senior auditors that I work with, those that are my peers (which means they peer at what I’m doing and how I’m doing it and then continue on their merry paths).

I came to this opinion based on most of the auditors I’ve met through the years across many companies, small and big, and across sectors, including public service. And also by the many articles calling for the profession to do more critical thinking, and yes, it is needed. 

But let’s start with plain old thinking (walk before run).

Continue reading

2 Comments

Filed under Audit, Data Analytics, Excel, Humor/Irony, Technology

Quote of the Weak – Auditor Judgment

We recently acquired a new data analysis tool in our department, which prompted some of our newbie auditors to share their misunderstanding of auditor judgment and basic data analysis.

A group of less experienced and newer auditors were selected to try out the new tool before it was rolled out department-wide.

 If you’re not familiar with my ‘Quote of the Weak’ series, I described it briefly in About. For a list of posts in this series, see here. If you haven’t seen one of these posts before, it’s because I haven’t had one in a while…

Continue reading

4 Comments

Filed under Audit, Data Analytics, Humor/Irony, Quote of the Weak, Technology

Some Periodic Reviews Provide Little Assurance

securityI’ve written before how some periodic reviews provide management with little assurance, but management doesn’t realize how little.

My previous post focused mostly on server access. In this post, I want to look at normal user access.

For example, let’s assume your company has a policy that states that all IDs must be assigned within an Active Directory group. In other words, IDs are assigned to groups, and groups are assigned to assets; IDs should not be assigned directly to an asset.

Assume the control you are testing states that user access is reviewed annually.

Continue reading

Leave a comment

Filed under Audit, Security, Technology

A Sneaky Way to Analyze IT Controls

When auditors need to identify and understand IT controls, they search the company intranet, review policies, look for Github repositories, review inventories, schedule meetings, and analyze IT asset data.

I stumbled on a better way to get insight into the IT controls in my company, and I didn’t have to email anyone, do any research, or frankly, anything outright. The IT controls came after me.

Fortunately, the IT controls were blind to the fact that I am an IT auditor. To them, I was just an ordinary bloke. But that didn’t last long (more on that later).

It Began a Few Years Back

It all started a couple years ago when I was building the infrastructure required to support our data analytic efforts in internal audit.

Continue reading

Leave a comment

Filed under Audit, Case Files, Security, Technology

ACL Officially Changes Name & Spots

It’s official: ACL is changing its name AND its spots.

I’ve claimed several times that ACL has left its first love (analytics) and doesn’t put enough work into their flagship product, ACL Analytics.

Correction: their FORMER flagship product.

At least they are publicly admitting it finally–they NO LONGER are an ANALYTICS company!

Continue reading

9 Comments

Filed under ACL, Data Analytics, Excel, Technology, Written by Skyyler

Quote of the Weak – Clean Data Manually

clean data manuallyIf you are in IT, audit, or security (or any other job requiring data analysis), you should NOT be cleaning data manually.

Let me share a recent experience with you….

A young IT auditor texted me at work and asked for some Active Directory user account data that I capture automatically every week, using some scheduled ACL scripts.

If you’re not familiar with my ‘Quote of the Weak’ series, I described it briefly in About. For a list of posts in this series, see here.

Continue reading

3 Comments

Filed under Audit, Case Files, Data Analytics, Excel, How to..., Quote of the Weak, Security, Technology

Job Automation Quiz

automation quiz

Test how much you know about automation technologies by taking the job automation quiz at Financial Management magazine.

Continue reading

Leave a comment

Filed under Audit, Free, Security, Technology

ACL Robotics is NOT Robotics

RPA the robotContrary to what ACL has been touting as their new ‘robotics’ feature, it is NOT robotics process automation (RPA).

[The ‘robotics’ feature is due out later in 2018. It appears to be ACL’s latest attempt to get you to use their GRC software.]

ACL, via John Verver, defines the term this way in his RPA article: “The idea is a relatively simple one: get computers to perform tasks normally performed by humans, and cut resource and time requirements for many repetitive activities.” Continue reading

3 Comments

Filed under ACL, Audit, Data Analytics, Scripting (ACL), Technology

Steal from Agile to Increase Audit Analytics

agile analyticsTo increase the amount and depth of the analytics performed, steal some agile methods, and apply them to your audits.

If you’re not familiar with agile methods, check out the first 5 topics listed here (just click Next at the bottom of each page; the topics are quick to the point and full of pictures).

Briefly, agile projects are performed in cycles, or iterations, rather than in a long, linear-waterfall fashion, which is: do all planning, then field work, then reporting. Each iteration of the project creates some value and includes feedback, which is used in the next iteration to increase the value of the project.

Continue reading

Leave a comment

Filed under Audit, Data Analytics, How to..., Technology, Written by Skyyler

Kyle and a Conversation about Analytics

kyle bitsA while back, a reader named Kyle and I had a conversation about analytics.

It started with his reading my Excel:Basic Data Analytics post where I list a number of procedures that anyone can do in Excel.

Kyle said he was expecting some “super sophisticated process & methodology that works like magic.”

Continue reading

Leave a comment

Filed under Audit, Data Analytics, Technology

Create a Team for Audit Analytics? Part 3

analytics team?In the previous post, Create a Team for Audit Analytics? Part 2, I explored the pros and cons of expecting all auditors to develop a level of data and analytic proficiency.

These auditors would continue to do audit testing that involves analytics as well as testing that does not involve analytics. In addition to keeping up their business skills, they would be learning and upgrading their data analytic skills.

In the first post of this series, I reviewed some of the pluses and minuses of creating a dedicated analytics team.

However, a third option exists, which is sort of a hybrid between having dedicated analytic auditors doing all the analytic work and requiring everyone to increase and develop their data and analytic skills.

Let’s explore the hybrid method in this post, and wrap up the series with a few final thoughts.

This is the third post of a 3-part series…

Continue reading

7 Comments

Filed under Audit, Data Analytics, How to..., Technology, Written by Skyyler

Create a Team for Audit Analytics? Part 2

analytics team?In the previous post, Create a Team for Audit Analytics? Part 1, I explored the pros and cons of developing an analytics team.

This team consists of analytic auditors who are dedicated to analytic projects; they would NOT typically manage audits or testing that did not include analytics.

In this post, let’s explore another option for managing and growing analytics in an audit department — expecting all auditors to develop a level of data and analytic proficiency.

This is the second post of a 3-part series…

 

Continue reading

1 Comment

Filed under Audit, Data Analytics, How to..., Technology, Written by Skyyler

Create a Team for Audit Analytics? Part 1

analytics team?Once your audit team has proven the value of doing analytics consistently, the next question is: Do we create an analytics team and have the team do all (or the majority) of the analytics?

Or should we expect all auditors to develop some levels of analytics proficiency?

Of course, this question often comes a bit further down the trail on the analytics journey, but I think the sooner it is decided, the better.

This is the first post of a 3-part series…

Continue reading

2 Comments

Filed under Audit, Data Analytics, How to..., Technology, Written by Skyyler

The Analytic Staircase for Auditors

analytic staircase stepsBuilding a successful audit analytics program is like climbing a staircase.

The staircase is a set of steps that consist of several items having increasing levels of maturity.

The staircase steps not only help you build your program, but enable you to measure that maturity.

As you view the staircase graphic, mentally insert the word “analytics” before each step.

Continue reading

3 Comments

Filed under ACL, Audit, Data Analytics, How to..., Technology, Written by Skyyler

5 Things We Need from ACL in 2018

5 thingsHere’s the 5 things I’m hoping will change in 2018 regarding ACL.

They are all related to each other and feed off each other…

Interesting.

Continue reading

9 Comments

Filed under ACL, Audit, Data Analytics, Excel, Scripting (ACL), Technology, Written by Skyyler

Quick Introduction to ACL

If you’ve ever wondered what Audit Command Language (ACL) is, here’s a quick way to find out.

ACL has provided a quick, one-page introduction to ACL. And I mean quick.

It doesn’t explain a lot, but it gives you a quick peek at the basic user interface.

You could call it the ACL Overview for Dummies.

Continue reading

2 Comments

Filed under ACL, Audit, Data Analytics, Technology

No Analytics, No Audit Department

dead-audit-department

If YOUR audit department doesn’t embrace data, analytics, and automation eventually, your audit department will NOT exist.

No data, no analytics. No analytics, no automation. Eventually, no audit department.

Editor Note: This post really applies to all departments in a company, but mainly I’m addressing auditors, but you might want to read between the business lines….

By embrace, I don’t mean have one or two auditors working on this. I mean the entire department.

Before you cite all the regulatory requirements mandating the existence of an audit department in companies, having an audit department in name only won’t cut it.

Having an inept audit department will not be acceptable to regulators, and it shouldn’t be acceptable to company management either. Or Audit Committees!

Companies need skilled and efficient auditors that can do the heavy lifting, and this need will only increase.

Continue reading

17 Comments

Filed under Audit, Data Analytics, Employment, Technology, Written by Skyyler

Audit Automation is NOT all Automation

audit automation ACLSome Chief Audit Executives (CAEs) and audit managers tend to think that audit automation is a set-it-and-forget-it process. NOT.

In this post, I want to expand on a problem I mentioned in an earlier post , 10 Signs Mgmt Doesn’t Really Support Analytics.

Audit management too often thinks that once a process or an audit is automated, ALL auditor/staff hours previously spent performing that process can be reassigned elsewhere.

That is not the case at all.

Continue reading

3 Comments

Filed under ACL, Audit, Data Analytics, Scripting (ACL), Security, Technology, Written by Skyyler

CISA Does NOT an IT Auditor Make

cisa study guide, tipsPassing the CISA exam does not make you a good IT auditor anymore than passing a driving test makes you a good driver.
Passing either exam says that you know the basics, but you still have a lot to learn.

Most likely, you still don’t know how and when to use what you know and apply it to the current situation. That’s why experience is necessary. Lots of it.

I’m going on a rant here, so reader beware. If you read on, make sure you hang in there until I make my main point in the end.

You just won’t feel the love right away…

Continue reading

10 Comments

Filed under Audit, Certification, Employment, How to..., Technology, Written by Skyyler

Robotics to Replace ACL, Part 2

robot replace ACLPreviously I wrote Will Robotics (RPA) Replace ACL?

The short answer is no, and I describe the reasons in that post.

But that doesn’t mean someone won’t try.

Shortly after I wrote my original robotics post, I encountered robotics vs. ACL, part 2.

Continue reading

1 Comment

Filed under ACL, Audit, Scripting (ACL), Technology

10+ Signs Mgmt Doesn’t Really Support Analytics

mgmt doesn't support analyticsYour management says it wants more analytics, but does it really support analytics? Here’s 10+ signs that indicate that your mgmt:

  • Does NOT knows what it takes to get analytics off the ground
  • Believes that analytics multiply like rabbits, naturally
  • Is NOT willing to make the adjustments required to deliver and sustain real value.

Continue reading

5 Comments

Filed under Audit, Data Analytics, How to..., Technology, Top 10, Written by Skyyler

New IT Auditor (and WannaBEs) Master List

Here’s a list of all my posts to-date related to becoming or growing as an IT Auditor, all in one place for easy reference.
I’ll add other posts as they are written.

Continue reading

11 Comments

Filed under Audit, Employment, How to..., Security, Technology

Use LinkedIn to get an IT Audit job

If you’re looking for an IT Audit job, here’s how to use LinkedIn to get noticed.

new-auditorIn a nutshell, you need to enhance your LinkedIn profile so that everyone knows you’re working hard at learning IT auditor skills.

If you’re already working as an IT auditor, use these suggestions to get noticed more and move ahead (or into another company with more opportunities).

Continue reading

4 Comments

Filed under Audit, Certification, Employment, How to..., Technology

Why Internal Auditors Should Care about Robotic Process Automation

3 Comments

Filed under Audit, Data Analytics, Employment, How to..., Technology

How to get an IT Audit job with little or no experience

I get asked all the time, “How do I get a job in IT audit with little or no experience?”

When Michael Onuoha asked me this question (see here), I thought I’d share my response with my readers.

You’ll find these same answers scattered around the blog as I answered people in the past, but I thought I’d pull it all together into one place.

Breaking into any field can be difficult, but it can be done. Especially when the demand for IT auditors is so high.

Continue reading

27 Comments

Filed under Audit, Certification, Employment, How to..., Technology

Top 10 Reasons Why Being an IT Auditor is So Hard

tenBefore you choose a career as an IT auditor, consider my top 10 reasons why being an IT auditor is so hard.

Continue reading

3 Comments

Filed under Audit, Employment, Technology, Top 10

Careers After IT Auditing

life-after-it-auditRecently, a reader named Porak asked me what careers IT auditors can move to when they leave auditing (see the original question here).

I couldn’t find much on the Internet on this topic, but there’s a lot of options.

I’ve actually worked in quite a few of the areas mentioned below…

Continue reading

16 Comments

Filed under Audit, Employment, How to..., Technology

Do you have User IDs Hidden in the Cloud?

hidden-in-the-cloudIt’s 10 o’clock in the cloud. Do you know where all your user IDs are? Are some hidden in the cloud?

Cloud security if often cloudy because it’s not on premise where you can control it easier.

That means you may have powerful user IDs in the cloud that your security team knows nothing about, which means….

Continue reading

2 Comments

Filed under Audit, Case Files, Technology

Real Auditors Use Excel PowerPivot

powerpivot iconIf you’re an auditor and you are not yet using Excel PowerPivot, you are missing the next greatest thing since spreadsheets arrived.

If you are NOT an auditor, and you don’t use PowerPivot, you’re in the same boat with the auditors mentioned above, and it is sinking.

In other words, if you use Excel, you should be learning Excel PowerPivot. It’s that big.

Let me explain why.

NOTE: I updated this post quite a bit with new info…

Continue reading

13 Comments

Filed under Audit, Data Analytics, Excel, Free, Technology